Re: [cas-user] CAS 4.1.9 overlay consumes SAML 2.0 and 1.x assertions

2018-04-12 Thread Yan Zhou
OK, we do not have an IDP yet. CAS 5.2 would be able to do that without relying on delegate-authentication, right? Yan On Thursday, April 12, 2018 at 3:42:26 PM UTC-4, Misagh Moayyed wrote: > > You want to start with something like this: >

Re: [cas-user] CAS 4.1.9 overlay consumes SAML 2.0 and 1.x assertions

2018-04-12 Thread Misagh Moayyed
You want to start with something like this: https://apereo.github.io/cas/4.1.x/integration/Delegate-Authentication.html External identity providers are referred to as "Clients", in the sense that CAS is a client of that identity provider. Build the one for SAML and proceed. IIRC, only SAML2

[cas-user] CAS 4.1.9 overlay consumes SAML 2.0 and 1.x assertions

2018-04-12 Thread Yan Zhou
Hello, We are running CAS 4.1.9. An external vendor wants to do SSO with us. Users log in on their side, and they will send us a SAML assertion, so that the user can SSO to our app without logging in again. Can CAS (without Shibboleth) consume such SAML 1.x and/or 2.0 assertions? I think CAS 5.x can, is

Re: [cas-user] Re: CAS 5.2 login with UPN removing domain

2018-04-12 Thread William E.
Try this: cas.authn.ldap[0].principalAttributeList=uid,userprincipalname Instead of this: cas.authn.ldap[0].principalAttributeId=userprincipalname -William On Thursday, April 12, 2018 at 2:40:00 AM UTC-5, dag wrote: > > Thanks for your comment William. > > > I've in cas.properties: > >

Re: [cas-user] CAS-Management - Bottle at the sea - Need advice or help

2018-04-12 Thread William E.
I see your pom.xml has the ldap module, but I do not see your ldap properties. Did I miss it? Sorry if so. The log makes me think cas is trying to do an ldap lookup and all of the properties it needs are not defined. Do you have all of these in your cas.properties? # Authentication

[cas-user] CAS 5.2.x as IDP using SAML 2.0

2018-04-12 Thread Jay
Hello everyone, We are recently in the process of upgrading from CAS3.5 to CAS5.2; as part of this effort we need to provide support of SAML authentication to an external application (say 'abc' application). Here 'abc' will be the SP and the new CAS5.x will be the identity provider. Could someone

Re: [cas-user] Issue handling Browser Back button in CAS UI flow

2018-04-12 Thread Yan Zhou
Hello, I am using this as an example that the CAS flow does not support the BACK button. That is not the real problem I am facing. We have added a couple more screens in the login flow, such as requiring the user to change password if it expires, setting up the user when logging in to CAS for the first time.

[cas-user] Re: Thread count keeps growing at tomcat 8.5 with CAS 5.1

2018-04-12 Thread Bergner, Arnold
We’re facing the same issue on 5.2.2, tomcat 8.0. I’ve also related the number of Timers to the SAML logins. Logging org.opensaml in debug mode, I can see a metadata resolver refresh files every ~10 seconds. Given the refresh interval of 2 hours and the number of Timers, this seems to be the

Re: [cas-user] Cas5 Ldap Authentication

2018-04-12 Thread yashwanth chowdary
Hi Manfredo Hopp, How to send authorities to an application On Thursday, March 8, 2018 at 11:09:54 AM UTC-6, Manfredo Hopp wrote: > > see > > > https://apereo.github.io/cas/development/installation/Configuring-Custom-Authentication.html > > 2018-03-08 11:32 GMT-03:00 yashwanth chowdary

[cas-user] Re: Thread count keeps growing at tomcat 8.5 with CAS 5.1

2018-04-12 Thread Dan S
I haven't found a solution to this issue. It seems to be related to SAML2 services. Any time one of them creates a service ticket, the thread count increases and never decreases. I checked the 5.3 RC2 and it doesn't seem to have the same issue. Once that release is a stable version, I'll be

Re: [cas-user] CAS-Management - Bottle at the sea - Need advice or help

2018-04-12 Thread Cristina Vlaicu
Hghj the same time and 4vn nu cum e bine hahaha ttdt On Thu, Apr 12, 2018, 11:32 Olivier Calzi wrote: > Hi William, > > As I showed in my configuration on my first post I have the same ldap > configuration on the management.properties and the cas.properties. > What do you

Re: [cas-user] CAS-Management - Bottle at the sea - Need advice or help

2018-04-12 Thread Olivier Calzi
Hi William, As I showed in my configuration on my first post I have the same ldap configuration on the management.properties and the cas.properties. What do you mean exactly? Thanks On Thursday, April 12, 2018 at 4:23:36 AM UTC+2, William E. wrote: > > This makes me think you have a bad ldap

Re: [cas-user] Re: CAS 5.2 login with UPN removing domain

2018-04-12 Thread Daniel Arnal
Thanks for your comment William. I've in cas.properties: cas.authn.ldap[0].userFilter=(|(uid={user})(userprincipalname={user})) cas.authn.ldap[0].principalAttributeId=userprincipalname It seems upn is not allowed in this version. Anyway, the filter is not working. I've to type user@domain to

[cas-user] Re: Thread count keeps growing at tomcat 8.5 with CAS 5.1

2018-04-12 Thread Bruno ELIE
Up, has someone found something about this? On Monday, August 28, 2017 at 4:02:48 PM UTC+2, Song, Doe-Hyun wrote: > > Good Morning All, > > > > Since we go to production with CAS 5.1, we keep having growing Thread > counts. > > > > We use ehcache for HA implementation and ldap for